Malcolm Harkins is the Chief Security and Trust Officer at Cylance Inc. He oversees information technology, information risk and security, as well as security and privacy policy. Harkins is also responsible for peer out reach activities to drive improvement across the world in the understanding of cyber-risks as well as best practices to manage and mitigate those risks. Previously Harkins was Vice President and Chief Security and Privacy Officer (CSPO) at Intel Corporation.

Ben Johnson is founder and CTO of Obsidian Security and formerly of Carbon Black and the National Security Agency. We met in San Francisco while Ben was in town for RSA 2018. In the interview we discuss his work and how the movie Enemy of the State inspired him to join the NSA. We also discuss GDPR and other cybersecurity related stuff.

Benjamin Caudill and Spencer Gietzen of Rhino Security Labs join me to discuss their research on Amazon Web Services privilege escalation vulnerabilities. Spencer recently revealed their AWS research on the Rhino Security Labs blog. Rhino is also rolling out a new open source AWS post-exploitation framework, designed for offensive security testing against AWS environments called Pacu. We also discuss how Ben and Spencer both found their way into the information security industry, pet peeves and more!

My guest this episode is social engineering guru Joe Gray. Joe is a Senior Security Architect at IBM and has his own blog and podcast called Advanced Persistent Security. Joe presented a talk at RSA this year with friend of the show Rachel Tobac on social engineering and OSINT which I posted the full audio of here. Joe spoke with me about Social Engineering, OSINT, vishing, SECTFs, password inspections and more!